[Free] 2017(Sep) EnsurePass Testinsides GIAC GCFW Dumps with VCE and PDF 1-10

2017 Sep GIAC Official New Released GCFW

GIAC Certified Firewall Analyst

Question No: 1 – (Topic 1)

Which of the following can be monitored by using the host intrusion detection system (HIDS)?

Each correct answer represents a complete solution. Choose two.

  A. Computer performance

  B. File system integrity

  C. Storage space on computers

  D. System files

Answer: B,D

Question No: 2 – (Topic 1)

Which of the following components are usually found in an intrusion detection system (IDS)?

Each correct answer represents a complete solution. Choose two.

  A. Firewall

  B. Console

  C. Gateway

  D. Modem

  E. Sensor

Answer: B,E

Question No: 3 – (Topic 1)

Which of the following are the countermeasures against a man-in-the-middle attack?

Each correct answer represents a complete solution. Choose all that apply.

  A. Using Secret keys for authentication.

  B. Using public key infrastructure authentication.

  C. Using Off-channel verification.

  D. Using basic authentication.

Answer: A,B,C

Question No: 4 – (Topic 1)

Which of the following ICMPv6 neighbor discovery messages is sent by hosts to request an immediate router advertisement, instead of waiting for the next scheduled advertisement?

  A. Router Advertisement

  B. Neighbor Advertisement

  C. Router Solicitation

  D. Neighbor Solicitation

Answer: C

Question No: 5 – (Topic 1)

Which of the following statements about the traceroute utility are true?

Each correct answer represents a complete solution. Choose all that apply.

  A. It generates a buffer overflow exploit by transforming an attack shell code so that the new attack shell code cannot be recognized by any Intrusion Detection Systems.

  B. It uses ICMP echo packets to display the Fully Qualified Domain Name (FQDN) and the IP address of each gateway along the route to the remote host.

  C. It records the time taken for a round trip for each packet at each router.

  D. It is an online tool that performs polymorphic shell code attacks.

Answer: B,C

Question No: 6 – (Topic 1)

Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?

  A. Network-based

  B. File-based

  C. Signature-based

  D. Anomaly-based

Answer: D

Question No: 7 – (Topic 1)

You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP network. You have been assigned a task to configure security mechanisms for the network of the company. You have decided to configure a packet filtering firewall. Which of the following may be the reasons that made you choose a packet filtering firewall as a security mechanism?

Each correct answer represents a complete solution. Choose all that apply.

  A. It makes security transparent to end-users, which provides easy use of the client applications.

  B. It prevents application-layer attacks.

  C. It is easy to install packet filtering firewalls in comparison to the other network security solutions.

  D. It easily matches most of the fields in Layer 3 packets and Layer 4 segment headers, and thus, provides a lot of flexibility in implementing security policies.

Answer: A,C,D

Question No: 8 – (Topic 1)

Which of the following types of Intrusion Detection Systems consists of an agent on a host that identifies intrusions by analyzing system calls, application logs, file-system modifications (binaries, password files, capability/acl databases) and other host activities and state?

  A. HIDS

  B. NIDS

  C. APIDS

  D. PIDS

Answer: A

Question No: 9 – (Topic 1)

A packet filtering firewall inspects each packet passing through the network and accepts or rejects it based on user-defined rules. Based on which of the following information are these rules set to filter the packets?

Each correct answer represents a complete solution. Choose all that apply.

  A. Layer 4 protocol information

  B. Actual data in the packet

  C. Interface of sent or received traffic

  D. Source and destination Layer 3 address

Answer: A,C,D

Question No: 10 – (Topic 1)

Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except the ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about the programs like Hping2 that can get into a network through covert channels.

Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?

  A. Block ICMP type 13 messages

  B. Block ICMP type 3 messages

  C. Block all outgoing traffic on port 21

  D. Block all outgoing traffic on port 53

Answer: A
